IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
RE: Authenticated cipher modes
[Sara Golemon]
> Given that method renegotiation is appearantly part of the
> spec, I'd be inclined to ask: "So why not use it for this
> ciphers containing data integrity issue?" It seems like a
> much more straightforward approach than adding per-cipher
> specific logic to the method selection criteria.
The per-cipher specific logic in this case would be very simple (requiring
only very local code change), efficient in terms of additional roundtrips
(none required), and compatible with the installed base (special rules for
helix are orthogonal to rules currently in use), whereas the proposal to use
renegotiation for this purpose is complex (key re-exchange is like turning a
bus on a highway), inefficient (requires many additional roundtrips for
something that could be done without any), and not necessarily compatible
with the installed base (though key re-exchange is required, not all
implementations support it).
I therefore think that harnessing key re-exchange for this purpose would be
a very bad decision.
Home |
Main Index |
Thread Index |
Old Index